The IT Compliance Manager role within the Information Security department at Morningstar involves leading and managing a team focused on ensuring compliance with information security standards such as SOX, SOC2, PCI-DSS, and GDPR. This individual will execute audit tests, manage third-party risk assessments, and collaborate closely with internal and external auditors to maintain efficient and effective processes that adhere to regulatory requirements. The role demands strong leadership skills for managing cross-functional teams, expertise in governance frameworks like NIST and ISO, and the ability to multitask under pressure while ensuring compliance across all business units. Candidates should have a bachelor’s degree and at least five years of experience in risk management or IT auditing, along with relevant certifications such as CISSP or CISM.
Lead and manage the Information Security Compliance team to ensure adherence to SOX, SOC2, PCI.
Execute compliance status reporting and metrics for information security and IT processes.
Manage periodic reviews of security policies, processes, and procedures.
Conduct third-party risk management program and contract reviews for client security contracts.
Monitor and enforce compliance with information security and compliance policies and standards.
Liaise with internal, external, and client auditors to facilitate audits as required.
What we're looking for
5+ years of experience in risk management, compliance, or IT auditing.
Strong leadership and team development skills with cross-functional/global team management.
Expertise in implementing governance frameworks like NIST, ISO, COBIT.
Excellent communication skills and familiarity with key compliance standards (SOX, SOC2, PCI-DSS).
Demonstrated ability to manage third-party risk and conduct contract reviews.
Proven track record of leading strategic information security compliance programs.
Market check
Salary context
This
$147,550–$226,233
range sits above
61%
of similar postings on FindRole.
Peer median band
$130,147–$220,000
Median floor and ceiling across peers.
Typical midpoint (25–75%)
$145,200–$216,065
Middle half of comparable postings.
Based on 240 comparable postings.*
* 240 is the maximum number of comparable postings sampled.
Employer
About Morningstar Inc
Morningstar, Inc. is a leading financial services firm providing independent investment research, data, and management services to individuals, advisors, and institutions.
Morningstar Inc currently has
12 open roles
on FindRole.
Listed pay typically runs
$114,100–$167,350
across 12 roles with salary data.
2143 Annapolis Junction Md, US14 days ago
$131,300–$237,350
IAVA
SSP
TS/SCI
Polygraph
CI/CD
DoD 8570
IAT
IAM
Encryption
Communication Protocols
Hardware Security
Software Security
Security Evaluations
Information Systems Security Policies
Day-to-Day Security Operations